Douglas Bagnall 795f4729ca auth: keep track of lastLogon and lastLogonTimestamp ... lastLogon is supposed to be updated for every interactive or kerberos login, and (according to testing against Windows2012r2) when the bad password count is non-zero but the lockout time is zero. It is not replicated. lastLogonTimestamp is updated if the old value is more than 14 - random.choice([0, 1, 2, 3, 4, 5]) days old, and it is replicated. The 14 in this calculation is the default, stored as "msDS-LogonTimeSyncInterval", which we offer no interface for changing. The authsam_zero_bad_pwd_count() function is a convenient place to update these values, as it is called upon a successful logon however that logon is performed. That makes the function's name inaccurate, so we rename it authsam_logon_success_accounting(). It also needs to be told whet5her the login is interactive. The password_lockout tests are extended to test lastLogon and lasLogonTimestamp. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Ralph Boehme <slow@samba.org>		2015-12-15 00:08:57 +01:00
..
common	lib: Convert callers of sid_blob_parse to sid_parse	2015-08-26 21:41:12 +02:00
dns	Fix the developer O3 build	2015-02-25 16:32:29 +01:00
kcc	kcc: Wait until the samba_kcc script runs to declare success to the caller	2015-05-28 07:25:07 +02:00
repl	repl: Give an error if we get a secret when not expecting one	2015-10-26 05:11:21 +01:00
samdb	Fix various spelling errors	2015-11-06 13:43:45 +01:00
schema	dsdb: Fix CID 1034745 Dereference after null check	2015-06-23 22:12:09 +02:00
tests/python	auth: keep track of lastLogon and lastLogonTimestamp	2015-12-15 00:08:57 +01:00
pydsdb.c	pydsdb: Also accept ldb.MessageElement values to dsdb routines	2015-10-26 05:11:21 +01:00
samdb.pc.in	s4-pkgconfig: add @LIB_RPATH@ to our link flags	2010-12-08 12:46:00 +01:00
wscript_build	s4:dsdb/common: add helper functions for trusted domain objects (tdo)	2015-07-08 18:38:20 +02:00